5 China Tech Challenges — Part 1: SSL Headache

By: Alex Duncan

Note from Editor: This will be the first part of a 5 part series detailing some of the biggest tech challenges in China.

One of our big projects in mid-2014 was forcing SSL as standard across our app. With lots of API connections affected and different pieces hosted on different services, it wasn’t completely straight forward. We eventually made the switch. SSL became standard with the release of v4 in November 2014.

We almost immediately started receiving complaints from users that the new version of KAWO was slow or in many cases unusable especially on home and mobile internet connections. Some quick testing revealed SSL to be the cause. Our primary frontend application servers are hosted on AWS in Japan and we use CloudFlare’s marvelous SSL to effortlessly secure our app’s subdomain.

From our understanding, HTTPS traffic originating from outside China is artificially throttled, likely due to the fact it can’t be monitored.

The ultimate solution (which we’re working towards) is to host secondary app servers inside China and secure them with SSL certificates. We’re still working towards that so, in the short term, to prioritise customer experience we are forced to revert back to HTTP in Mainland China.

TL;DR while the rest of the world is switching to SSL China’s GFW is forcing us to head in the opposite direction.


Originally published at blog.kawo.com.

Show your support

Clapping shows how much you appreciated KAWO’s story.